package cn.edu.pzhu.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import cn.edu.pzhu.pojo.User;

/**
 * Servlet Filter implementation class OperationFilter
 */
@WebFilter(urlPatterns = {"/userinfo"})
public class UpdateFliter extends HttpFilter implements Filter {
       
    /**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	/**
     * @see HttpFilter#HttpFilter()
     */
    public  UpdateFliter() {
        super();
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    public void destroy() {
        // TODO Auto-generated method stub
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */

    /**
     * @see Filter#init(FilterConfig)
     */
    public void init(FilterConfig fConfig) throws ServletException {
        // TODO Auto-generated method stub
    }
    protected void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws IOException, ServletException {	
//      System.out.println("修改过滤器开始工作……");   
        Object object = request.getSession().getAttribute("user");
        String usernameParame = request.getParameter("username");
        User user = (User) object;
        String usernameSession = user.getUsername();
        if(!usernameSession.equals(usernameParame)) {
            response.setContentType("text/html;charset=utf-8");
            response.getWriter().print("<script>alert(\"你登录的是" + usernameSession + "，无权限修改" + usernameParame + "的个人信息!\");location.href='userinfo.jsp'</script>");
            return;
        }

        super.doFilter(request, response, chain);
    }
}